3Com 4200G 12-Port Configuration Manual page 191
4200g series switch
Hide thumbs
Also See for 4200G 12-Port:
- Configuration manual (730 pages) ,
- Getting started manual (104 pages) ,
- Quick reference manual (43 pages)
Table of Contents
Advertisement
Configuring Dynamic
VLAN Assignment
The dynamic VLAN assignment feature enables a switch to dynamically add the
switch ports of successfully authenticated users to different VLANs according to the
attributes assigned by the RADIUS server, so as to control the network resources that
different users can access.
Currently, the switch supports the RADIUS authentication server to assign the
following two types of VLAN IDs: integer and string.
Integer: If the RADIUS server assigns integer type of VLAN IDs, you can set the
■
VLAN assignment mode to integer on the switch (this is also the default mode on
the switch). Then, upon receiving an integer ID assigned by the RADIUS
authentication server, the switch adds the port to the VLAN whose VLAN ID is
equal to the assigned integer ID. If no such a VLAN exists, the switch first creates a
VLAN with the assigned ID, and then adds the port to the newly created VLAN.
String: If the RADIUS server assigns string type of VLAN IDs, you can set the VLAN
■
assignment mode to string on the switch. Then, upon receiving a string ID
assigned by the RADIUS authentication server, the switch compares the ID with
existing VLAN names on the switch. If it finds a match, it adds the port to the
corresponding VLAN. Otherwise, the VLAN assignment fails and the user cannot
pass the authentication.
In actual applications, to use this feature together with Guest VLAN, you should
better set port control to port-based mode; if you set port control to
MAC-address-based mode, each port can be connected to only one user.
Table 139 Configure dynamic VLAN assignment
Operation
Command
Enter system view
system-view
Create an ISP domain
domain isp-name
and enter its view
Set the VLAN
vlan-assignment-mode integer
assignment mode to
integer
Set the VLAN
vlan-assignment-mode string
assignment mode to
string
Create a VLAN and
vlan vlan_id
enter its view
Set a VLAN name for
name string
VLAN assignment
CAUTION: In string mode, if the VLAN ID assigned by the RADIUS server is a
character string containing only digits (for example, 1024), the switch first regards it
as an integer VLAN ID: the switch transforms the string to an integer value and judges
if the value is in the valid VLAN ID range; if it is, the switch adds the authenticated
port to the VLAN with the integer value as the VLAN ID (VLAN 1024, for example).
To implement dynamic VLAN assignment on a port where both MSTP and 802.1x
■
are enabled, you must set the MSTP port to an edge port.
AAA Configuration 177
Description
—
—
By default, the VLAN assignment
mode is integer.
You can select between this operation
and the above operation.
—
This operation is required if the VLAN
assignment mode is set to string.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
